JDK-8305214

sun.security.ssl.SSLEngineImpl.closeInbound also has similar error of JDK-8253368


    • Type: CSR
    • Resolution: Approved
    • Priority: P3
    • 19
    • security-libs
    • None
    • behavioral
    • low
    • One library was discovered to be incompatible with this change, which was due to incorrect usage assumptions of the SSLEngine class. When SSLEngines are closed, applications should be careful to ensure all data is correctly transported.
    • Other
    • Implementation

      Summary

      Behavioral changes introduced by JDK-8253368 for javax.net.ssl.SSLSocket should also be applied to javax.net.ssl.SSLEngine. Modify the SunJSSE implementation of SSLEngine.closeInbound() to not send a fatal alert to the peer and invalidate the TLS session if the SSLEngine hasn't received a close notification message from its peer.

      Problem

      [This is a retroactive CSR for an issue which didn't go through the CSR process, but later caused some problems upon deployment.]

      The SunJSSE close notification checks for SSLEngine have been made less strict to conform to changes in the Transport Layer Security (TLS) RFCs.

      Solution

      Specifically, if an application tries to close its SSLEngine inbound side using SSLEngine.closeInbound() without having received a close notification message from its peer, the SSLEngine will no longer:

      1. trigger the transmission of a TLS fatal-level alert to the peer, and
      2. invalidate the current TLS session.

      The new behavior will still consider this condition an error and will throw a local javax.net.ssl.SSLException. But a fatal-level alert will no longer be generated to be sent to the peer, and the underlying session will remain valid.

      In addition, the internal transport context for the SSLEngine will also now be closed. This may result in a different SSLEngineResult.HandshakeStatus value on the SSLEngine. Any outstanding outbound data must still be obtained (SSLEngine.wrap()) and sent in order to gracefully close the connection.
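The close sequence the Solution describes, written out as an added example (not code from the JDK or this CSR). It assumes a blocking SocketChannel as the transport and a hypothetical class name; under the new SunJSSE behavior, closeInbound() without a peer close_notify throws a local SSLException but leaves the session valid, and the pending close_notify still has to be wrapped and written.

```java
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SocketChannel;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;
import javax.net.ssl.SSLException;

public final class SslEngineClose {

    /** Queue close_notify, then wrap() and send records until the outbound side is done. */
    static void closeOutboundAndFlush(SSLEngine engine, SocketChannel channel) throws IOException {
        engine.closeOutbound();
        ByteBuffer empty = ByteBuffer.allocate(0);
        ByteBuffer netOut = ByteBuffer.allocate(engine.getSession().getPacketBufferSize());
        while (!engine.isOutboundDone()) {
            SSLEngineResult result = engine.wrap(empty, netOut);
            if (result.getStatus() == SSLEngineResult.Status.BUFFER_OVERFLOW) {
                // Packet buffer too small for the pending record: grow and retry.
                netOut = ByteBuffer.allocate(netOut.capacity() * 2);
                continue;
            }
            netOut.flip();
            while (netOut.hasRemaining()) {
                channel.write(netOut);
            }
            netOut.clear();
        }
    }

    /**
     * Close the inbound side, tolerating a peer that dropped the transport without
     * sending close_notify. Returns true when the peer closed cleanly.
     * The SSLException is raised locally only; no fatal alert is sent to the peer
     * and the session stays valid, so the outbound close_notify is still flushed.
     */
    static boolean closeInboundQuietly(SSLEngine engine, SocketChannel channel) throws IOException {
        boolean peerClosedCleanly = true;
        try {
            engine.closeInbound();
        } catch (SSLException e) {
            // Truncation: no close_notify was received before the transport closed.
            peerClosedCleanly = false;
        }
        // Outstanding outbound data (at least close_notify) must still be obtained and sent.
        closeOutboundAndFlush(engine, channel);
        return peerClosedCleanly;
    }
}
```

Delegated tasks (HandshakeStatus.NEED_TASK) are not handled here, since they do not arise during a plain close; a full application loop would run them.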

      Specification

      There are no API changes. The webrev for this change is:

      https://github.com/openjdk/jdk/commit/0b09f70a730404ceb827673f1d3c82fbf495bb41

            wetmore Bradford Wetmore
            webbuggrp Webbug Group
            Sean Coffey